BugTraq Mode:
(Page 6 of 1709)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
[SECURITY] [DSA 3772-1] libxpm security update 2017-01-26
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3772-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
January 26, 2017

[ more ]  [ reply ]
ESA-2016-167: EMC Documentum D2 Multiple Vulnerabilities 2017-01-26
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2016-167: EMC Documentum D2 Multiple Vulnerabilities

EMC Identifier: ESA-2016-167

CVE Identifier: CVE-2016-9872, CVE-2016-9873

Severity Rating: CVSS v3 Base Score: See below for CVSSv3 score.

Affected products:

EMC Documentum D2

[ more ]  [ reply ]
ESA-2016-160: EMC Data Domain DD OS Command Injection Vulnerability 2017-01-26
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2016-160: EMC Data Domain DD OS Command Injection Vulnerability

EMC Identifier: ESA-2016-160

CVE Identifier: CVE-2016-8216

Severity Rating: CVSS v3 Base Score: 6.7 (AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

Affected products:

EMC Data

[ more ]  [ reply ]
ESA-2016-132: EMC RecoverPoint Multiple Vulnerabilities 2017-01-26
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2016-132: EMC RecoverPoint Multiple Vulnerabilities

EMC Identifier: ESA-2016-132

CVE Identifiers: CVE-2016-6648, CVE-2016-6649

Severity Rating: CVSS v3 Base Score: See below for individual scores.

Affected products:

EMC Recove

[ more ]  [ reply ]
ESA-2016-092: RSA® Web Threat Detection Cross Site Scripting Vulnerability 2017-01-26
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2016-092: RSA® Web Threat Detection Cross Site Scripting Vulnerability

EMC Identifier: ESA-2016-092

CVE Identifier: CVE-2016-0919

Severity Rating: CVSS v3 Base Score: 7.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)

Affected Products:

·

[ more ]  [ reply ]
PEAR HTTP_Upload v1.0.0b3 Arbitrary File Upload 2017-01-26
apparitionsec gmail com (hyp3rlinx)
[+]#####################################################################
###########################
[+] Credits: John Page AKA Hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/PEAR-HTTP_UPLOAD-ARBITRARY-FI
LE-UPLOAD.txt
[+] ISR: ApparitionSEC

[ more ]  [ reply ]
[SECURITY] [DSA 3771-1] firefox-esr security update 2017-01-25
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3771-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
January 25, 2017

[ more ]  [ reply ]
Google Forms WordPress Plugin unauthenticated PHP Object injection vulnerability 2017-01-25
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Google Forms WordPress Plugin unauthenticated PHP Object injection
vulnerability
------------------------------------------------------------------------

Yorick Koster, June 2016

-----------------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco TelePresence Multipoint Control Unit Remote Code Execution Vulnerability 2017-01-25
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco TelePresence Multipoint Control Unit Remote Code Execution Vulnerability

Advisory ID: cisco-sa-20170125-telepresence

Revision 1.0

For Public Release 2017 January 25 16:00 UTC (GMT)

+-----------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco Expressway Series and TelePresence VCS Denial of Service Vulnerability 2017-01-25
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco Expressway Series and TelePresence VCS Denial of Service Vulnerability

Advisory ID: cisco-sa-20170125-expressway

Revision 1.0

For Public Release 2017 January 25 16:00 UTC (GMT)

+---------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco Adaptive Security Appliance CX Context-Aware Security Denial of Service Vulnerability 2017-01-25
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco Adaptive Security Appliance CX Context-Aware Security Denial of Service Vulnerability

Advisory ID: cisco-sa-20170125-cas

Revision 1.0

For Public Release 2017 January 25 16:00 UTC (GMT)

+-------------------------------

[ more ]  [ reply ]
ESA-2016-166: EMC Isilon OneFS Privilege Escalation Vulnerability 2017-01-25
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2016-166: EMC Isilon OneFS Privilege Escalation Vulnerability

EMC Identifier: ESA-2016-166

CVE Identifier: CVE-2016-9871

Severity Rating: CVSS v3 Base Score: 7.2 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected products:

? EMC Is

[ more ]  [ reply ]
OpenCart 2.3.0.2 CSRF - User Account Takeover 2017-01-25
Open Security (open opensecurity ca)
===[ Introduction ]===

OpenCart is a free open source ecommerce platform for online merchants.
OpenCart provides a professional and reliable foundation from which to
build a successful online store.

===[ Description ]===

There is a security vulnerability in OpenCart 2.3.0.2 which allows a
hacker

[ more ]  [ reply ]
[security bulletin] HPSBST03642 rev.3 - HPE StoreVirtual Products running LeftHand OS using OpenSSL and OpenSSH, Remote Arbitrary Code Execution, Denial of Service (DoS), Disclosure of Sensitive Information, Unauthorized Access 2017-01-24
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053019
46

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05301946

Version: 3

HPSBST03642 rev.3

[ more ]  [ reply ]
[security bulletin] HPSBHF03695 rev.1 - HPE Ethernet Adaptors, Remote Denial of Service (DoS) 2017-01-24
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053683
78

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05368378

Version: 1

HPSBHF03695 rev.1

[ more ]  [ reply ]
[security bulletin] HPSBHF03441 rev.2 - HPE iLO 3, iLO 4 and iLO 4 mRCA, Remote Multiple Vulnerabilities 2017-01-24
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c052369
50

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05236950

Version: 2

HPSBHF03441 rev.2

[ more ]  [ reply ]
Cisco Security Advisory: Cisco WebEx Browser Extension Remote Code Execution Vulnerability 2017-01-24
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco WebEx Browser Extension Remote Code Execution Vulnerability

Advisory ID: cisco-sa-20170124-webex

Revision 1.0

For Public Release 2017 January 22 18:30 UTC (GMT)
Last Updated 2017 January 24 18:30 UTC (GMT)

+--------------------------------

[ more ]  [ reply ]
[security bulletin] HPSBGN03690 rev.1 - HPE Real User Monitor (RUM), Remote Disclosure of Information 2017-01-24
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053694
15

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05369415

Version: 1

HPSBGN03690 rev.1

[ more ]  [ reply ]
CVE-2017-3241 - [ERPSCAN-17-006] Oracle OpenJDK - Java Serialization DoS 2017-01-24
ERPScan inc (erpscan online gmail com)
Application: Java SE

Vendor: Oracle

Bug: DoS

Reported: 23.12.2016

Vendor response: 24.12.2016

Date of Public Advisory: 17.01.2017

Reference: Oracle CPU Jan 2017

Author: Roman Shalymov

1. ADVISORY INFORMATION

Title: Oracle OpenJDK - Java Serialization DoS

Advisory ID: [ERPSCAN-17-006]

Ri

[ more ]  [ reply ]
[ERPSCAN-17-005] Oracle PeopleSoft - XSS vulnerability CVE-2017-3300 2017-01-24
ERPScan inc (erpscan online gmail com)
Application: Oracle PeopleSoft

Vendor: Oracle

Bugs: XXS

Reported: 31.10.2016

Vendor response: 1.11.2016

Date of Public Advisory: 17.01.2017

Reference: Oracle CPU Jan 2017

Authors: Vahagn Vardanyan, Dmitry Yudin

1. ADVISORY INFORMATION

Title: Oracle PeopleSoft â?? XSS vulnerability

Adviso

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2017-023-01) 2017-01-24
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2017-023-01)

New mozilla-firefox packages are available for Slackware 14.1, 14.2,
and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
pa

[ more ]  [ reply ]
APPLE-SA-2017-01-23-7 iTunes for Windows 12.5.5 2017-01-23
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-01-23-7 iTunes for Windows 12.5.5

iTunes for Windows 12.5.5 is now available and addresses the
following:

WebKit
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corru

[ more ]  [ reply ]
APPLE-SA-2017-01-23-6 iCloud for Windows 6.1.1 2017-01-23
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-01-23-6 iCloud for Windows 6.1.1

iCloud for Windows 6.1.1 is now available and addresses the
following:

WebKit
Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution

[ more ]  [ reply ]
APPLE-SA-2017-01-23-2 macOS 10.12.3 2017-01-23
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-01-23-2 macOS 10.12.3

macOS 10.12.3 is now available and addresses the following:

apache_mod_php
Available for: macOS Sierra 10.12.2
Impact: Multiple issues in PHP
Description: Multiple issues were addressed by updating to PHP
version

[ more ]  [ reply ]
APPLE-SA-2017-01-23-5 Safari 10.0.3 2017-01-23
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-01-23-5 Safari 10.0.3

Safari 10.0.3 is now available and addresses the following:

Safari
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.3
Impact: Visiting a malicious website may lead to addres

[ more ]  [ reply ]
APPLE-SA-2017-01-23-4 tvOS 10.1.1 2017-01-23
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-01-23-4 tvOS 10.1.1

tvOS 10.1.1 is now available and addresses the following:

Kernel
Available for: Apple TV (4th generation)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A buffer ov

[ more ]  [ reply ]
APPLE-SA-2017-01-23-3 watchOS 3.1.3 2017-01-23
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-01-23-3 watchOS 3.1.3

watchOS 3.1.3 is now available and addresses the following:

Accounts
Available for: All Apple Watch models
Impact: Uninstalling an app did not reset the authorization settings
Description: An issue existed which

[ more ]  [ reply ]
APPLE-SA-2017-01-23-1 iOS 10.2.1 2017-01-23
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-01-23-1 iOS 10.2.1

iOS 10.2.1 is now available and addresses the following:

Auto Unlock
Available for: iPhone 5 and later, iPad 4th generation and later,
iPod touch 6th generation and later
Impact: Auto Unlock may unlock when Apple Wa

[ more ]  [ reply ]
ESA-2016-150: RSA® Security Analytics Reflected Cross-Site Scripting Vulnerability 2017-01-23
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2016-150: RSA® Security Analytics Reflected Cross-Site Scripting Vulnerability

EMC Identifier: ESA-2016-150

CVE Identifier: CVE-2016-8215

Severity Rating: CVSSv3 Base Score: 6.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

Affected Produ

[ more ]  [ reply ]
ESA-2016-146: EMC Avamar Data Store and Avamar Virtual Edition Privilege Escalation Vulnerability 2017-01-23
EMC Product Security Response Center (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

ESA-2016-146: EMC Avamar Data Store and Avamar Virtual Edition Privilege Escalation Vulnerability

EMC Identifier: ESA-2016-146

CVE Identifier: CVE-2016-8214

Severity Rating: CVSSv3 Base Score: 6.7 (AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

Affe

[ more ]  [ reply ]
(Page 6 of 1709)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus